The emails “add graphic and designs they are stealing from the web, to simply try and represent themselves as official emails from the company—hoping for potential victims to click,” says Fatih Orhan, director of technology for the Clifton, N.J.-based company.

He adds the website “is designed to try and capture credit card and financial information from business or consumers who try and make a purchase, once they click on the links, It would appear as if they are placing an order with the legitimate web site. The credit card information as well as user credentials of original domain will be sent to the cybercriminals.”

Jeff McGowan, ?Pandora’s vice president of digital marketing and e-commerce, says the Danish brand has been dealing with these issues for a while.

“Every major brand has these type of folks going after them,” he says. “This particular company we have seen in China. They have moved to Russia and now our brand protection team is working to shut them down in Russia. It’s a game of whack-a-mole. We spend a vast amount of resources to insure that our brand is protected.”